CLAIMS 



1 . A method of converting an electronic wallet, comprising steps of: 

providing an account, the account a first account type providing a first set of 
services, the first set of services requiring a first level of authentication; 

presenting an accountholder a one-time challenge/response mechanism; and 
if the accountholder clears the challenge, converting the account to a second 
account type for all time. 

2. The method of Claim 1 , wherein the challenge/response mechanism requires 
an accountholder to provide information known only to the accountholder; and 

wherein the second type provides the first set of services plus further services 
associated therewith, the further services requiring at least one further level of 
authentication. 

3. The method of Claim 2, wherein the step of providing the wallet account 
comprises either of the steps of: 

creating the account when making an initial purchase; and 
creating a record in a subscriber database. 

4. The method of Claim 3, wherein subscribers include subscribers to any of: 
an online service; and 

an ISP (Internet service provider). 

5. The method of Claim 2, wherein the step of presenting a challenge/response 
mechanism comprises steps of: 
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requesting a service from within the account of the first type that is only 
available from within an account of the second type; and 

one time only, prompting the accountholder to provide the information known 
only to the accountholder. 

5 

6. The method of Claim 2, wherein the account comprises an electronic wallet, 
the first type comprising a thin wallet wherein the first set of services comprises at 
least one low-risk task requiring a low security level. 

10 7. The method of Claim 6, wherein the at least one low-risk task comprises any 
of: 

making purchases not exceeding a predetermined purchase amount; 

making transactions using default account information; and 

making purchases at sites requiring only the first level of authentication. 

15 

8. The method of Claim 6, wherein the second type comprises a full wallet and 
the further rights comprise additional tasks requiring greater security than the low 
level of security. 

20 9. The method of Claim 8, wherein the additional tasks comprise any of: 
editing the default account information; 
editing account preferences; 

making purchases that exceed a predetermined purchase amount; and 
making purchases at sites that require the at least one level of further 
25 authentication. 
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10. The method of Claim 2, further comprising a step of authenticating at the first 
level to gain access to the first account. 

11. The method of Claim 10, wherein authenticating at the first level comprises 
providing a user ID and a first-level password. 

12. The method of Claim 12, wherein the information known only to the account 
holder comprises at least a portion of a credit card number stored in the first account. 

13. The method of Claim 12, further comprising steps of: 

if the accountholder doesn't clear the challenge, allowing a predetermined 
number of attempts to enter the information known only to the account holder; and 

if the accountholder fails the predetermined number of attempts, allowing the 
accountholder to provide a new credit card number; and 

presenting a challenge based on the new credit card number. 

1 4. The method of Claim 2, further comprising steps of: 

configuring the challenge by an account provider, wherein configuring the 

challenge includes: 

specifying information requested by the challenge; and 
specifying a permissible number of response attempts. 

1 5. The method of Claim 2, wherein the step of converting the account comprises 
steps of: 

creating a record in a wallet account database; 
providing notice of a privacy policy; and 
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consenting to the privacy policy by the account holder. 

16. The method of Claim 15, wherein the step of converting the account further 
comprises a step of: 

5 creating a second-level challenge. 

17. The method of Claim 16, wherein the step of creating a second-level 
challenge comprises any of the steps of: 

setting a second-level password; and 
10 configuring a security question by the accountholder. 

18. The method of Claim 17, wherein the at least one further level of 
authentication requires any of the steps of: 

providing the second-level password; and 
15 clearing the security question. 

1 9. The method of Claim 1 8, further comprising a step of: 

providing a user interface accessible only to holders of accounts of the 
second type to edit account information and preferences. 

20 

20. The method of Claim 1 9, wherein the account information comprises any of: 
first name; 

middle initial; 
last name; 
25 credit card type; 

credit card number; 
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credit card expiration date; 

billing address; 

city; 

state; 

postal code; 
country; 

daytime phone; and 
evening phone. 



21. The method of Claim 20, wherein first account type comprises a thin wallet, 
the thin wallet comprising a record in a subscriber database, and wherein the second 
account type comprises a full wallet, the full wallet comprising the record in the wallet 
database, wherein full wallet is initially populated with information from the thin 
wallet. 

22. The method of Claim 21 , further comprising a step of: 

providing a wallet server, wherein the wallet server comprises a web server 
having a wallet application running thereon, the wallet server operative to pull 
account information from either the subscriber database or the wallet database. 

23. A computer program product comprising a tangible medium having computer 
readable code embodied thereon, the computer code including program code means 
for performing a method of converting an electronic wallet, the method comprising 
steps of: 

providing an account, the account a first account type providing a first set of 
services, the first set of services requiring a first level of authentication; 
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presenting an accountholder a one-time challenge/response mechanism; and 
if the accountholder clears the challenge, converting the account to a second 
account type for all time. 

24. The method of Claim 23, wherein the challenge/response mechanism 
requires an accountholder to provide information known only to the accountholder; 
and 

wherein the second type provides the first set of services plus further services 
associated therewith, the further services requiring at least one further level of 
authentication. 

25. The method of Claim 24, wherein the step of providing the wallet account 
comprises either of the steps of: 

creating the account when making an initial purchase; and 
creating a record in a subscriber database. 

26. The method of Claim 25, wherein subscribers include subscribers to any of: 
an online service; and 

an ISP (Internet service provider). 

27. The method of Claim 24, wherein the step of presenting a challenge/response 
mechanism comprises steps of: 

requesting a service from within the account of the first type that is only 
available from within an account of the second type; and 

one time only, prompting the accountholder to provide the information known 
only to the accountholder. 
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28. The method of Claim 24, wherein the account comprises an electronic wallet, 
the first type comprising a thin wallet wherein the first set of services comprises at 
least one low-risk task requiring a low security level. 

29. The method of Claim 28, wherein the at least one low-risk task comprises any 
of: 

making purchases not exceeding a predetermined purchase amount; 

making transactions using default account information; and 

making purchases at sites requiring only the first level of authentication. 

30. The method of Claim 28, wherein the second type comprises a full wallet and 
the further rights comprise additional tasks requiring greater security than the low 
level of security. 

31 . The method of Claim 30, wherein the additional tasks comprise any of: 
editing the default account information; 

editing account preferences; 

making purchases that exceed a predetermined purchase amount; and 
making purchases at sites that require the at least one level of further 
authentication. 

32. The method of Claim 24, further comprising a step of authenticating at the first 
level to gain access to the first account. 
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33. The method of Claim 32, wherein authenticating at the first level comprises 
providing a user ID and a first-level password. 

34. The method of Claim 24, wherein the information known only to the account 
5 holder comprises at least a portion of a credit card number stored in the first account. 

35. The method of Claim 24, further comprising steps of: 

if the accountholder doesn't clear the challenge, allowing a predetermined 
number of attempts to enter the information known only to the account holder; and 
10 if the accountholder fails the predetermined number of attempts, allowing the 

accountholder to provide a new credit card number; and 

presenting a challenge based on the new credit card number. 

36. The method of Claim 24, further comprising steps of: 

15 configuring the challenge by an account provider, wherein configuring the 

challenge includes: 

specifying information requested by the challenge; and 
specifying a permissible number of response attempts. 

20 37. The method of Claim 24, wherein the step of converting the account 
comprises steps of: 

creating a record in a wallet account database; 

providing notice of a privacy policy; and 

consenting to the privacy policy by the account holder. 



26 



38. The method of Claim 37, wherein the step of converting the account further 
comprises a step of: 

creating a second-level challenge. 

5 39. The method of Claim 38, wherein the step of creating a second-level 
challenge comprises any of the steps of: 

setting a second-level password; and 

configuring a security question by the accountholder. 

10 40. The method of Claim 39, wherein the at least one further level of 
authentication required any of the steps of: 

providing the second-level password; and 
clearing the security question. 

15 41 . The method of Claim 40, further comprising a step of: 

providing a user interface accessible only to holders of accounts of the 
second type to edit account information and preferences. 

42. The method of Claim 41 , wherein the account information comprises any of: 
20 first name; 

middle initial; 

last name; 

credit card type; 

credit card number; 
25 credit card expiration date; 

billing address; 
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city; 
state; 

postal code; 
country; 

daytime phone; and 
evening phone. 

43. The method of Claim 42, wherein first account type comprises a thin wallet, 
the thin wallet comprising a record in a subscriber database, and wherein the second 
account type comprises a full wallet, the full wallet comprising the record in the wallet 
database, wherein full wallet is initially populated with information from the thin 
wallet. 

44. The method of Claim 43, further comprising a step of: 

providing a wallet server, wherein the wallet server comprises a web server 
having a wallet application running thereon, the wallet server operative to pull 
account information from either the subscriber database or the wallet database. 

45. The method of Claim 2, wherein said at least one further level of 
authentication comprises accessing said account from a client device previously 
established as trusted. 

46. The method of Claim 45, wherein establishing a client as trusted comprises 
authentication with a second-level password. 
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47. The method of Claim 45, further comprising a step of reestablishing a client as 
trusted if a trusted state is compromised. 

48. The method of Claim 45, further comprising a step of providing a visual 
5 indicator of a trusted state. 

49. The method of Claim 45, further comprising a step of providing a security 
controls panel that permits accountholders to manage authentication for various 
online products and sites. 

10 

50. A system for converting an electronic wallet comprising: 
a wallet server; 

a wallet database; 

a subscriber database; 
15 wherein the wallet server is in communication with the wallet and the 

subscriber databases; and 

a client in communication with the wallet server, wherein a wallet 
accountholder requests services from the wallet server; 

wherein the server includes means for converting the electronic wallet. 

20 

51. The system of Claim 50, wherein the means for converting the electronic 
wallet comprises a computer program embodied on a tangible medium, the computer 
program including computer code means for: 

providing an account, the account a first account type providing a first set of 
25 services, the first set of services requiring a first level of authentication; 
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presenting the accountholder a one-time challenge/response mechanism; 

and 

if the accountholder clears the challenge, converting the account to a second 
account type for all time. 

52. The system of Claim 51 , wherein the challenge/response mechanism requires 
an accountholder to provide information known only to the accountholder; and 

wherein the second account type provides the first set of services plus further 
services associated therewith, the further services requiring at least one further level 
of authentication. 

53. The system of Claim 52, wherein the code means for providing the wallet 
account comprises code means for either of: 

creating the account when making an initial purchase; and 
creating a record in the subscriber database. 

54. The system of Claim 53, wherein subscribers include subscribers to any of: 
an online service; and 

an ISP (Internet service provider). 

55. The system of Claim 52, wherein the code means for presenting a 
challenge/response mechanism comprises code means for: 

requesting a service from within the account of the first type that is only 
available from within an account of the second type; and 

one time only, prompting the accountholder to provide the information known 
only to the accountholder. 
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56. The system of Claim 52, wherein the account comprises an electronic wallet, 
the first type comprising a thin wallet wherein the first set of services comprises at 
least one low-risk task requiring a low security level. 

57. The system of Claim 56, wherein the at least one low-risk task comprises any 
of: 

making purchases not exceeding a predetermined purchase amount; 

making transactions using default account information; and 

making purchases at sites requiring only the first level of authentication. 

58. The system of Claim 56, wherein the second type comprises a full wallet and 
the further rights comprise additional tasks requiring greater security than the low 
level of security. 

59. The system of Claim 58, wherein the additional tasks comprise any of: 
editing default account information; 

editing account preferences; 

making purchases that exceed a predetermined purchase amount; and 
making purchases at sites that require the at least one level of further 
authentication. 

60. The system of Claim 52, the program further comprising code means for 
authenticating at the first level to gain access to the first account. 
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61 . The system of Claim 60, wherein the code means for authenticating at the first 
level includes code means for providing a user ID and a first-level password. 

62. The system of Claim 52, wherein the information known only to the account 
holder comprises at least a portion of a credit card number stored in the first account. 

63. The system of Claim 52, the program further comprising code means for: 

if the accountholder doesn't clear the challenge, allowing a predetermined 
number of attempts to enter the information known only to the account holder; and 

if the accountholder fails the predetermined number of attempts, allowing the 
accountholder to provide a new credit card number; and 

presenting a challenge based on the new credit card number. 

64. The system of Claim 52, the program further comprising code means for: 
configuring the challenge by an account provider, wherein configuring the 

challenge includes: 

specifying information requested by the challenge; and 
specifying a permissible number of response attempts. 

65. The system of Claim 52, wherein the code means for converting the account 
comprises code means for: 

creating a record in the wallet database; 
providing notice of a privacy policy; and 
consenting to the privacy policy by the account holder. 
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66. The system of Claim 65, wherein the code means for converting the account 
further comprises code means for: 

creating a second-level challenge. 

67. The system of Claim 66, wherein the code means for creating a second-level 
challenge comprises code means for any of: 

setting a second-level password 

configuring a security question by the accountholder. 

68. The system of Claim 67, wherein the at least one further level of 
authentication requires any of the steps of: 

providing the second-level password; and 
clearing the security question. 

69. The system of Claim 68, the program further comprising code means for: 
providing a user interface accessible only to holders of accounts of the 

second type to edit account information and preferences. 

70. The system of Claim 69, wherein the account information comprises any of: 
first name; 

middle initial; 
last name; 
credit card type; 
credit card number; 
credit card expiration date; 
billing address; 
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city; 
state; 

postal code; 
country; 
5 daytime phone; and 

evening phone. 



71. The system of Claim 70, wherein the first account type comprises a thin 
wallet, the thin wallet comprising a record in the subscriber database, and wherein 

10 the second account type comprises a full wallet, the full wallet comprising the record 
in the wallet database, wherein the full wallet is initially populated with information 
from the thin wallet. 

72. The system of Claim 71, wherein the wallet server comprises a web server 
15 having the wallet application running thereon, the wallet server operative to pull 

account information from either the subscriber database or the wallet database. 

73. The system of Claim 50, further comprising a second server, said second 
server operative to relay data and requests between said wallet server and said 

20 subscriber database. 

74. The system of Claim 73, further comprising a router, the router operative to 
link at least a first and a second network, wherein the wallet server occupies the first 
network and wherein the second server and the subscriber database occupy the 

25 second network. 
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75. The system of Claim 74, wherein the wallet database occupies said second 
network. 

76. The system of Claim 52, wherein said at least one further level of 
5 authentication comprises accessing said account from a client device previously 

established as trusted. 

77. The system of Claim 76, wherein establishing a client as trusted comprises 
authentication with a second-level password. 

10 

78. The system of Claim 76, said application further comprising code means for 
reestablishing a client as trusted if a trusted state is compromised. 

79. The system of Claim 76, said application further comprising code means for 
15 providing a visual indicator of a trusted state. 

80. The system of Claim 76, said application further comprising code means for 
providing a security controls panel that permits accountholders to manage 
authentication for various online products and sites. 

20 
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